Federal data breaches jumped 19 percent last year, the Government Accountability Office said Tuesday. There were roughly 13,000 incidents reported by agencies in 2010 involving unauthorized disclosures of personally identifiable information — last year, that figure shot up to 15,500, Greg Wilshusen, GAO’s director of information security issues, told the Senate subcommittee on government management…
Category: Commentaries and Analyses
Recent Developments — Both in the Courts and in Congress — on the Scope of the Computer Fraud and Abuse Act
Orin Kerr writes: I’ve blogged a lot on the scope of the Computer Fraud and Abuse Act, and specifically on whether using a computer in violation of a computer use policy or Terms of Service is a federal crime. I’ve been banging the drum urging courts to adopt a narrow interpretations of the Act for a decade,…
Latest Data Breach Notification Bill Won’t Go Far
Eduard Goodman of Identity Theft 911 dissects the data breach notification bill introduced last month by Rep. Toomey and finds it seriously wanting: The latest bill to address the problem of data breaches is just one of an increasingly long line of proposed federal breach notice regulations with little to no chance of becoming law…
FTC Action Against Wyndham May Provide First Fully Litigated Section 5 Privacy/Security Case
Hogan Lovells Chronicle of Data Protection has a commentary on the FTC’s lawsuit against Wyndham (mentioned previously on this blog): On June 26, the FTC filed a complaint against Wyndham Worldwide Corporation, a global hotel and resort company, and three of its subsidiaries for violation of Section 5 of the FTC Act. If this case goes to…
Follow-up: Regulators criticize NYSEG for computer security breach
Remember the breach reported by New York State Electric & Gas (NYSEG) and Rochester Gas and Electric (RG&E) back in January? Jeff Platsky reports the results of an investigation into the utilities’ security: A potential data breach at New York State Electric & Gas Corp. not only drew the ire of customers but is now…
EU wants breach notification for certificate authorities
Stewart Mitchell reports: European authorities plan to clamp down on certificate authorities, demanding security signing organisations speak up if hit by hackers. Certificate authorities – either private or government backed – issue digital certificates that verify web pages and code, and are a key component of the web running smoothly and securely. But as last…